Decentralized Supervisory Control with Communicating Supervisors Based on Top-Down Coordination Control

Decentralized Supervisory Control with Communicating Supervisors Based on Top-Down Coordination Control

Jan Komenda and Tom´aˇs Masopust

Abstract— In this paper we present a new approach to de- centralized supervisory control of large automata with commu- nicating supervisors. We first generalize the recently developed top-down architecture of multilevel coordination control with a hierarchical structure of groups of subsystems, their respective coordinators and supervisors. Namely, in the case where the equivalent conditions for achieving a specification language fail to be satisfied, we propose sufficient conditions for a dis- tributed computation of the supremal achievable sublanguage.

We then apply the obtained constructive results of multilevel coordination control to decentralized supervisory control with communication, where local supervisors of subsystems within a group communicate with each other via the coordinator of the group. Our approach is illustrated by an example.

I. INTRODUCTION

Decentralized supervisory control has been introduced in [11] aiming at decreasing the computational complexity of supervisory control of large automata without a product structure based on a single (centralized) supervisor. As it turned out that coobservability of a specification language, the necessary condition to achieve the specification in de- centralized supervisory control, is too strong, two different approaches have been proposed. The first one is based on communication between supervisors to achieve coobservabil- ity with respect to observable alphabets enriched by commu- nicated event occurrences, cf. [1] and [9]. The second one consists in proposing new and more general decentralized su- pervisory control architectures that lead to weaker notions of coobservability. The original notion of coobservability [11]

has been called conjunctive and permissive (C & P), while an alternative architecture called disjunctive and antipermissive (D & A) has been proposed in [13] together with their com- bination. Among weaker concepts of coobservability, one should cite a general architecture combining both architec- tures [13] or even more general architectures with possible several levels of inferencing leading to conditional versions of coobservability [14].

Coordination control [8] can be seen as a trade-off between a purely local (modular) control synthesis that often fails in achieving sufficiently permissive supervisors and leads to blocking, and a global control synthesis that is too expensive from the computational complexity viewpoint. We have extended coordination control to the multilevel setting with a hierarchical structure of groups of subsystems, their

J. Komenda (komenda@math.cas.cz) is with the Institute of Mathematics, Academy of Sci. of the Czech Republic, ˇZiˇzkova 22, 616 62 Brno, Czech Republic. T. Masopust (masopust@math.cas.cz₎ is with Technische Universit¨at Dresden, Germany.

respective coordinators, and supervisors in [7]. The top- down approach proposed therein along with the correspond- ing notions of conditional decomposability and conditional controllability enables to compute the supervisors only at the lowest level. Unlike centralized coordination, supervisors of subsystems communicate only within the groups on the same level of hierarchy via the group coordinators located on the next upper level of hierarchy.

In [5], we have proposed a generic approach that consists in applying the results of coordination control of automata with a synchronous-product structure to decentralized control of automata without an explicit product structure. It is based on the over-approximation of the automaton without a product structure by a product of its natural projections to the alphabet of local supervisors. However, a communication structure is not interesting, because all local supervisors communicate with each other via a coordinator.

In this paper we benefit from recent results of multilevel coordination control. First, earlier existential results [7] are extended to a construction procedure that computes the least restrictive solution for the top-down architecture of multi- level coordination control. These results are then applied to the original decentralized control problem, which is solved using an underlying communication scheme, where local supervisors of subsystems within a group communicate with each other via a coordinator of the group. The optimal solution obtained by coordination control leads to a (possibly non-optimal) solution of the original decentralized control problem.

II. EXISTENTIAL RESULTS OF MULTILEVEL COORDINATION CONTROL

Basic notions and notational conventions are first recalled.

The free monoid of strings over an alphabetAis denoted by A^∗. A language is a subset ofA^∗. The prefix closure of a lan- guageL⊆A^∗is the set of all prefixes of all its strings and is denoted byL={w∈A^∗|there existsv∈A^∗ such thatwv∈ L};L is prefix-closed ifL=L. All languages considered in this paper are assumed to be prefix-closed.

Ageneratoris a quadrupleG= (Q,A,f,q0)consisting of a finite set ofstates Q, a finitealphabet A, apartial transition function f :Q×A→Q, and an initial state q₀∈Q. The function f can be extended in the standard way to strings, i.e.

f:Q×A^∗→Q. We recall thatL(G) ={s∈A^∗|f(q₀,s)∈Q}

is called thegenerated language ofG.

A controlled generator over an alphabet A is a triple (G,A_c,Γ), whereGis a generator overA,A_c⊆Ais a set of controllable events,A_u=A\A_c is the set of uncontrollable

events, andΓ={γ⊆A|A_u⊆γ}is theset of control patterns.

A supervisor for a controlled generator (G,A_c,Γ)is a map S:L(G)→Γ. The closed-loop system associated with the controlled generator(G,A_c,Γ)and the supervisorSis defined as the minimal languageL(S/G)such that ε∈L(S/G)and, for anys∈L(S/G)withsa∈L(G)anda∈S(s),sa belongs toL(S/G).

A language K⊆A^∗ is controllable with respect toL and A_u ifKA_u∩L⊆K.

Aprojection P:A^∗→B^∗, forB⊆A, is a homomorphism defined asP(a) =ε, fora∈A\B, andP(a) =a, fora∈B.

Theinverse imageofP, denoted byP⁻¹:B^∗→2^A∗, is defined as P⁻¹(w) ={s∈A^∗|P(s) =w}. These definitions can be extended to languages. For alphabetsA_i,A_j,A_{`</sub>⊆A, we use P<sub>`}^i+j to denote the projection from(A_i∪A_j)^∗ toA^∗_{`</sub>. If A<sub>i</sub>∪ A<sub>j</sub>=A, we simply writeP<sub>`}. Moreover,A_i,u=A_i∩A_udenotes the set of locally uncontrollable events. For a generator G and a projectionP,P(G)denotes the minimal generator such that L(P(G)) =P(L(G)). The reader is referred to [2] for a construction.

LetGbe a generator over an alphabetA. Given a specifi- cationK⊆L(G), the aim of supervisory control is to find a supervisorSsuch thatL(S/G) =K. Such a supervisor exists if and only ifK is controllable with respect toL(G)andA_u, see [2].

The synchronous product of languages L_i⊆A^∗_i, for i= 1, . . . ,n, is defined askⁿ_i=1L_i=∩ⁿ_i=1P_i⁻¹(L_i)⊆A^∗, whereA=

∪ⁿ_i=1A_i, and P_i:A^∗→A^∗_i are projections to local alphabets.

The corresponding synchronous product of generators G_i (see [2] for definition) satisfies L(kⁿ_i=1G_i) =kⁿ_i=1L(G_i).

A projectionQ:A^∗→B^∗ is anL-observerfor a language L⊆A^∗ if, for every t∈Q(L) and s∈L, Q(s) is a prefix of t implies that there exists u∈A^∗ such that su∈L and Q(su) =t, cf. [12].

We need the following obvious lemma and results below.

Lemma 1: For any language L⊆A^∗ and projections P₁: A^∗→B^∗₁ and P₂:A^∗→B^∗₂ with B₂⊆B₁⊆A, it holds that P₁(L)kP₂(L) =P₁(L).

Lemma 2 (Lemma 4.3 in [3]): Let K⊆Lbe controllable with respect toLandA_u. If the natural projectionP:A^∗→A^∗_o is an L-observer and OCC for L, then P(K) is controllable with respect toP(L) andA_u∩A_o.

Lemma 3 (Proposition 4.6 in [3]): For i = 1, . . . ,n, let K_i⊆L_i be controllable with respect toL_i⊆A^∗_i andA_i,u, then kⁿ_i=1K_i is controllable with respect tokⁿ_i=1L_i and∪ⁿ_i=1A_i,u.

Now we recall the basic notions of coordination con- trol [8]. A language K over ∪ⁿ_i=1A_i is conditionally decom- posable with respect to alphabets (A_i)ⁿ_i=1 and A_k, where

∪^i6=j_1≤i,j≤n(A_i∩A_j)⊆A_k⊆ ∪ⁿ_i=1A_j, if K=kⁿ_i=1Pi+k(K),

for projectionsP_i+k from∪ⁿ_j=1A_j toA_i∪A_k, fori=1, . . . ,n.

Alphabet A_k is referred to as a coordinator alphabet and satisfies the conditional independence property, that is, A_k includes all shared events: ∪^i6=j_1≤i,j≤n(A_i∩A_j)⊆A_k. This has the following well known impact.

Lemma 4 ([3]): LetP_k:A^∗→A^∗_k be a projection, and let L_i be a language overA_i, for i=1, . . . ,n, and∪^i6=j_1≤i,j≤n(A_i∩ A_j)⊆A_k. ThenP_k(kⁿ_i=1L_i) =kⁿ_i=1P_k(L_i).

The idea of coordination control is to first construct a su- pervisorS_ksuch that the closed-loop systemL(S_k/Gk)satis- fies the ”coordinator part” of the specification given byP_k(K) and then local supervisorsS_i for plantsG_ik(S_k/Gk), for i= 1, . . . ,n, such that the closed-loop systemL(S_i/[Gik(S_k/Gk)]) satisfies the corresponding part of the specification given by P_i+k(K). Conditional controllability along with conditional decomposability form an equivalent condition for a language to be achieved by the closed-loop system within our coordi- nation control architecture, see below.

A language K⊆L(G₁kG₂k. . .kG_nkG_k) is conditionally controllable for generatorsG₁,G₂, . . . ,G_nand a coordinator G_k and uncontrollable alphabetsA_1,u,A_2,u, . . . ,A_n,u, andA_k,u if (1) P_k(K) is controllable with respect to L(G_k) andA_k,u and (2)Pi+k(K)is controllable with respect toL(G_i)kP_k(K) andA_i+k,u=A_i+k,u= (A_i∪A_k)∩Au, fori=1,2, . . . ,n.

Recall that every conditionally controllable and condition- ally decomposable language is controllable [8]. The main existential result of [8] states that for a specificationK⊆A^∗ that is conditionally decomposable, there exist supervisors S₁,S2, . . . ,S_n, andS_k such that kⁿ_i=1L(S_i/[Gik(S_k/G_k)]) =K if and only ifK is conditionally controllable.

III. CONSTRUCTIVE RESULTS OF TWO-LEVEL COORDINATION CONTROL

In this section we assume that G=G1kG₂k. . .kGn and that the subsystems are organized intomgroupsIj, for j= 1,2, . . . ,m. The notation

A_Ir=^[

i∈I_rA_i

is used in the paper. Here P_Ir denotes the projection P_Ir : A^∗→A^∗_I

r. The notation for a projection to extended group events P_Ir+k:A^∗→(A_k∪A_Ir)^∗ should be self-explanatory.

We have introduced the corresponding notion of conditional decomposability in [7].

Definition 5 (Two-level conditional decomposability):

A languageK⊆A^∗is calledtwo-level conditionally decom- posable with respect to alphabets A1,A2, . . . ,An, high-level coordinator alphabetA_k, and low-level coordinator alphabets A_k1,A_k2, . . .A_km if

K=k^m_r=1P_Ir+k(K) and P_Ir+k(K) =kj∈I_rP_j+kr+k(K) forr=1,2, . . . ,m.

Remark 6: Unlike the original approach in [7] we propose the following simplification. Instead of using both low-level coordinator alphabetsA_kj, j=1,2, . . . ,m, and high-level co- ordinator alphabetA_k, we will only use low-level coordinator alphabetsA_kj, j=1,2, . . . ,m. We recall thatA_kcontains only events shared between different groups of subsystems, that is,A_k⊇<sup>Sk6=`</sup>k,`∈{1,2,...,m}(A_Ik∩AI_`), which is typically a much smaller set than the set of shared events (between two or more subsystems). Thus, for j=1,2, . . . ,m, we define new low-level coordinator alphabets A_kj :=A_k∪A_kj by putting

into the alphabets of group coordinators A_kj also events from the global coordinator set (if this is nonempty). This is possible, because only prefix-closed languages are used, which means that no high-level coordinators for nonblocking are needed. We recall that in the prefix-closed case the coordinators are actually determined by the corresponding alphabets from Definition 5 as a projection of the plant to these alphabets. This simplification is used because this paper is technically involved.

Problem 7 (Two-level coordination control problem):

Let generators G1, G2,. . . , G_n be over the alphabets A1, A2,. . . , An, respectively, and consider the modular system as their synchronous product G =G1kG₂k. . .kGn along with the two-level hierarchical structure of subsystems organized into groups I_j, for j =1,2, . . . ,m and m≤n, on the low level. The synchronous products ki∈I_j G_i, for j =1,2, . . . ,m, then represent the m high-level systems.

Coordinators G_kj are associated to groups of subsystems {G_i|i∈I_j}, for j=1,2, . . . ,m. The two-level coordination control problem consists in synthesizing supervisors S_i for any low-level systemsG_i, fori=1,2, . . . ,n, and higher-level supervisors S_kj supervising the group coordinator G_kj, for j =1,2, . . . ,m, such that the specification is met by the closed-loop system. Then the two-level coordinated and supervised closed-loop system is

k^m_j=1ki∈I_j L(S_i/[G_ik(S_kj/Gkj)]). / For a specificationK, the coordinatorG_kj of the j-th group of subsystems{G_i|i∈I_j} is computed as follows.

1) Set A_kj =<sup>Sk6=`</sup><sub>k,`∈I</sub>

j(A_k∩A_`) to be the set of all shared events of systems from the groupIj.

2) ExtendA_kj so that P_Ij+k(K) is conditional decompos- able with respect to(A_i)i∈I_j andA_kj, for instance using a method described in [6].

3) Let coordinator G_kj=kⁿ_i=1P_kj(G_i).

With the definition thatA_k⊆A_kj described in Remark 6, we can simplifyL(G_k)kL(G_kj)of [7] toL(G_kj). Indeed, by our choice of coordinators L(G_k)kL(G_kj) =P_k(L)kP_kj(L) = P_kj(L) =L(G_kj), where L=kⁿ_i=1.

Therefore, instead of both low-level coordinatorsG_kj, for j=1,2, . . . ,m, for subsystems belonging to individual groups {G_i|i∈I_j} and high-level coordinators G_k that coordinate the different groups, we are using only low-level (group) coordinatorsG_kj, but over larger alphabets compared to [7].

Since the only known condition ensuring that the projected generator is smaller than the original one is the observer property [12] we might need to further extend alphabetsA_kj so that projectionP_kj is anL(G_i)-observer, for alli∈I_j.

We assume that the specification is prefix-closed, hence the blocking issue is not considered in this paper. Blocking can be handled using coordinators for nonblockingness studied in [8].

The key concept is the following.

Definition 8 ([7]): Consider the setting and notations of Problem 7, and let G_k be a coordinator. A language K⊆ L(kⁿ_i=1G_i)istwo-level conditionally controllablewith respect

to generators G₁,G₂, . . . ,G_n, local alphabets A₁,A2, . . . ,A_n, low-level coordinator alphabets A_k1,A_k2, . . .Akm, and uncon- trollable alphabetA_uif

1) P_kj(K)is controllable with respect toL(G_kj)andA_kj,u, 2) for j=1,2, . . . ,m and i∈I_j, P_i+kj(K) is controllable

with respect toL(G_i)kP_kj(K)andAi+k_j,u.

Note that we have simplified the original version of two-level conditional controllability from [7] by replacing the composition L(G_k)kL(G_kj) by L(G_kj) as discussed in Remark 6. For a future reference we will say thatK is two- level conditionally controllable with respect toG_i, fori∈I_l, andG_kl, i.e., several items are omitted (but should be clear from the problem formulation).

The following lemma shows how to construct a two-level conditional controllable language as the synchronous com- position of conditionally controllable languages for groups.

Lemma 9: For all l=1,2, . . . ,m, let the languages M_l⊆ A^∗_I

l be conditionally controllable with respect toG_i, fori∈ I_l, andG_kl, and conditionally decomposable with respect to alphabets A_i, fori∈I_l, and A_kl, and A_{k`</sub>⊇A<sub>k</sub>⊇<sup>S</sup><sub>k6=`}(A_Ik∩ A_I`).

If for alll=1,2, . . . ,m,P_k^kl is aL_kl-observer and OCC for P_kl(M_l), thenk^m_l=1M_l is two-level conditionally controllable with respectG_i, fori∈I_l, andG_kl, for l=1,2, . . . ,m.

The main existential result of multilevel coordination control is now recalled from [7].

Theorem 10: Consider the setting of Problem 7 (in par- ticular K is two-level conditionally decomposable with respect to local alphabets A₁,A₂, . . . ,A_n, high-level coor- dinator alphabet A_k, and low-level coordinator alphabets A_k1,A_k2, . . .Akm). There exist supervisors S_i, for i∈I_j, for low-level systems within any group of low-level systems {G_i |i∈I_j}, for j =1,2, . . . ,m, and supervisors S_kj, for

j=1,2, . . . ,m, for low-level coordinators such that

k^m_j=1ki∈I_j L(S_i/Gik(S_kj/Gk_j)) =K (1) if and only if K is two-level conditionally controllable as defined in Definition 8.

In the last section we have recalled two-level coordination control framework with the main existential result. A natural question is what to do if the specification fails to satisfy the necessary and sufficient conditions for being achievable. We recall from [8] that in the case specification K fails to be conditionally controllable, the supremal conditionally con- trollable sublanguage always exists and can be computed in a distributive way. First, we show that two-level conditional controllability is closed under language unions as well.

Theorem 11: Two-level conditional controllability is closed under language unions, that is, supremal two-level conditional controllable languages always exist.

By Theorem 11, the supremal two-level conditional con- trollable sublanguage of a specification K with respect to A_k1,A_k2, . . .Akm, and A_u, denoted by sup 2cC(K,L,A_i+kj), always exists. Below we propose a procedure to compute the supremal two-level conditional controllable sublanguage sup 2cC(K,L,A_i+kj).

Similarly as in the centralized coordination we introduce the following notation. For all j=1,2, . . . ,mandi∈I_j,

sup C_k

j=sup C(P_kj(K),L(G_kj),A_kj,u) sup C_i+k

j=sup C(P_i+kj(K),L(G_i)ksup C_k

j,Ai+kj,u) (2)

where sup C(K,L,A_u)denotes the supremal controllable sub- language ofK with respect toL andA_u, see [2].

Similarly as in the centralized coordination, the following inclusion always holds true.

Lemma 12: For all j=1,2, . . . ,m and for all i∈I_j, we have that P_k^i+kj

j (sup C_i+k

j)⊆sup C_k

j.

Transitivity of controllability is needed later.

Lemma 13 ([8]): Let K ⊆L⊆M be languages over A such thatKis controllable with respect toLandA_u, andLis controllable with respect toMandAu. ThenKis controllable with respect toM andAu.

The main constructive result follows.

Theorem 14: Consider Problem 7 and languages defined in (2). If ∩i∈I_jP_k^i+kj

j (sup C_i+k

j) is controllable with respect toL(G_kj)and A_kj,u, and if for all j=1,2, . . . ,m, P_k^kj is an L_kj-observer and OCC for L_kj, then sup 2cC(K,L,A_i+kj) = k^m_j=1ki∈I_jsup C_i+k

j.

Note that controllability of ∩i∈I_jP_k^i+kj

j (sup C_i+k

j)with re- spect to L(G_kj) and A_kj,u for all j=1,2, . . . ,m, is not a suitable condition for verification. Clearly, for our prefix- closed languages, controllability of P_k^i+kj

j (sup C_i+k

j) with

respect to L(G_kj) and A_kj,u, for j=1,2, . . . ,m and i∈I_j, implies it. Moreover, two stronger checkable conditions are provided below.

It is easy to see that the equality in Lemma 12 implies the sufficient condition of Theorem 14. Indeed, if for all

j=1,2, . . . ,mand for alli∈I_j, we haveP_k^i+kj

j (sup C_i+k

j)⊆

sup C_k

j, then in particular P_k^i+kj

j (sup C_i+k

j) is controllable with respect to L(G_kj) and A_kj,u. Hence, for all j = 1,2, . . . ,m,∩_i∈IjP_k^i+kj

j (sup C_i+k

j)is controllable with respect toL(G_kj)andA_kj,u, which proves the following result.

Corollary 15: Consider the setting of Problem 7 and the languages defined in (2). If for all j =1,2, . . . ,m, P_k^kj is an L_kj-observer and OCC for L_kj, and for all i∈ I_j, P_k^i+kj

j (sup C_i+k

j) =sup C_k

j, then sup 2cC(K,L,Ai+k_j) = k^m_j=1ki∈I_j sup C_i+k

j.

There is yet another sufficient condition that guarantees the controllability requirement in Theorem 14. Namely, local control consistency and observer properties (that are checkable by well-known methods).

Lemma 16: For all j=1,2, . . . ,m and i∈I_j, let P_k^i+kj

j

be an(P_i^i+kj)⁻¹L(G_i)-observer and OCC for(P_i^i+kj)⁻¹L(G_i).

Then, for all j=1,2, . . . ,m,∩_i∈IjP_k^i+kj

j (sup C_i+k

j)is control- lable with respect toL(G_kj)andA_kj,u.

We point out that even without the above conditions, k^m_j=1ki∈I_jsup C_i+k

j is controllable with respect to L, but we cannot guarantee maximal permissiveness with respect to the two-level coordination control architecture.

IV. DECENTRALIZED SUPERVISORY CONTROL WITH COMMUNICATION

In this section, constructive results of the top-down coordi- nation are applied to decentralized supervisory control with communicating supervisors. To avoid any confusion we use systematicallyΣto denote alphabets in decentralized control, while notation A is reserved for alphabets in coordination control. Decentralized supervisory control is now briefly recalled.

A. Decentralized Supervisory Control Problem

Decentralized supervisory control differs from modular or coordination control, because the global system is a large automaton without a product structure. In decentralized supervisory control sensing and actuating capabilities are distributed among local supervisors (S_i)ⁿ_i=1 such that each S_i observes a subsetΣ_o,i⊆Σand based on its observation it can disable its controllable eventsΣ_c,i. Projections to locally observable events are denoted by Pi :Σ^∗→Σ^∗_o,i. We use the notation Σc=∪ⁿ_i=1Σc,i, Σo=∪ⁿ_i=1Σo,i, Σu=Σ\Σc, and Σuo=Σ\Σo.

Formally, a local supervisorS_ifor a generatorGis defined as a mappingS_i:P_i(L(G))→Γ, whereΓ_i={γ⊆Σ|γ⊇(Σ\ Σ_c,i)}is the set of local control patterns, andS_i(s)represents the set of locally enabled events whenS_i observes a string s∈Σ^∗_o,i. Then the permissive local supervisor law isS_i(s) = (Σ\Σ_c,i)∪{a∈Σ_c,i| ∃s⁰∈K withP_i(s⁰) =P_i(s)ands⁰a∈K}.

The global control law S is given by conjunction of local ones: for w∈Σ^∗_o,i, S(w) =∩ⁿ_i=1Si(P_i(w)), This is why this control architecture is nowadays referred to as conjunctive and permissive.

Definition 17: K⊆L isC&P coobservablewith respect to L=L(G) and (Σ_o,i)ⁿ_i=1 if for all s∈K, a∈Σ_c, and sa∈L\K, there exists i∈ {1,2, . . . ,n} such that a∈Σ_c,i and(P_i⁻¹(P_i(s)){a} ∩K=/0.

C&P coobservability can be interpreted in the following way: if we exit from the specification by an event a, then there must exists at least one local supervisor that can control this event (a∈Σc,i) and can disableaunambiguously, i.e., all lookalike (forS_i) strings exit the specification as well. Recall that C&P coobservability can be decided in polynomial time [10] in the number of states of the specification and system (but in exponential time in the number of local supervisors).

Since the counterpart of C & P coobservability, called D & A coobservability, is not studied in this paper, C & P coobservability will be referred to as coobservability.

It has been proved in [11] that controllability and coob- servability are the necessary and sufficient conditions to achieve a specification as the resulting closed-loop language.

For languages that fail to satisfy these conditions it is impor- tant to compute a controllable and coobservable sublanguage.

We first recall that decomposability is strongly related to coobservability. A languageK isdecomposablewith respect to alphabets(Σ_i)ⁿ_i=1andLifK=kⁿ_i=1P_i(K)∩L. In the special caseL=Σ^∗ decomposability is called separability [4], i.e.,

K is separable with respect to alphabets (Σ_i)ⁿ_i=1 if K = kⁿ_i=1P_i(K).

Now we are ready to recall that (under the alphabet condition that will be shown non-restrictive in the following subsection) separability implies coobservability.

Theorem 18 ([5]): Assume that Σo,i∩Σc⊆Σc,i, for i= 1,2, . . . ,n. If K is separable with respect to (Σ_o,i)ⁿ_i=1, then K∩Lis coobservable with respect to (Σ_o,i)ⁿ_i=1 andL.

B. Construction of controllable and coobservable sublan- guages based on two-level coordination control

Now we show how the new constructive results of the top-down approach to multilevel coordination control from Section III can be used to compute sublanguages that are by construction controllable and coobservable.

The idea is that owing to our results of coordination control, the supremal conditionally controllable sublanguage (that is in particular controllable) can be computed as a synchronous product of languages over alphabets enriched by communicated events from group coordinators. Hence the resulting language is by construction not only controllable, but in view of Theorem 18 also coobservable. Moreover, due to the multilevel coordination, coordinator events are not communicated among all subsystems, which was our first approach presented in [5] based on the centralized coordination. Roughly speaking, coordinator events from the centralized coordination are distributed to group coordinator events, and only these are to be communicated among the subsystems belonging to the group.

Recall at this point that alphabets in decentralized control are denoted byΣ, while alphabets in coordination control are denoted by A.

It follows from Theorem 14 and its consequences that the supremal two-level conditionally-controllable sublanguage is decomposable with respect to alphabets(A_i+kj)j=1,2,...,m,i∈I_j. Note that conditional decomposability with respect to alphabets(Σ_o,i)ⁿ_i=1andΣk such that∪i6=j(Σ_i∩Σj)⊆Σk, i.e.,

K=kⁿ_i=1P_i+k(K),

is nothing else but separability of K with respect to (Σ_o,i∪ Σk)ⁿ_i=1. An important feature of separability with respect to the alphabets of this form with intersection between all pairs of alphabets being equal toΣk is that it can be checked in polynomial time in the number of local agents [6].

We recall that there always existsΣkthat makes language K conditionally decomposable with respect to (Σ_i)ⁿ_i=1 and Σk, cf. [6]. Moreover, K is conditionally decomposable if and only if there existM_i⊆Σ^∗_i+k such thatK=kⁿ_i=1M_i.

Consider now the setting of decentralized control with sub- sets of events observable (Σ_o,i)ⁿ_i=1 and controllable(Σ_c,i)ⁿ_i=1 by agent (supervisor)i and a specificationK⊆L=L(G).

We plunge the decentralized control problem into the coordination control problem by setting

A_i=Σo,i and A_c,i=Σo,i∩Σc,i.

For simplicity, the same notation for projection is kept, that is, P_i :A^∗→A^∗_i. The plant language G will be over- approximated by a two-level modular plant kⁿ_i=1P_i(G), that

is, by the parallel composition of projections to events observable by local control agents. We will organize the local supervisors into a two-level hierarchy. Similarly as in mul- tilevel coordination control we will group the agents based on their interactions given by intersection of their alphabets, here observationsAi=Σ_o,i. The idea is to place agents with maximal shared observations to the same groups at the lowest level of the multilevel structure. Then, in an ideal situation, there will be no shared observations between different groups of agents, because all shared observations are realized within the low-level groups. This can be formalized by associating a square matrix with the number of shared events observed by both and try to find after permutation a block matrix structure such that the maximum of shared events is situated in the diagonal blocks, while off-diagonal blocks contain very small numbers (ideally zero matrices). Again, we denote m low- level groups of agents byI_j, where j=1,2, . . .m, form≤n.

According to the two-level top-down architecture, we have to find an extension A_k (a high-level coordina- tor alphabet) of these ”high-level shared observations”

A_sh=^{Sk6=`</sup>k,`∈{1,...,m}(A_Ik∩A<sub>I`</sub>) such that A<sub>k</sub>⊇A<sub>sh</sub> and K= k<sup>m</sup><sub>r=1</sub>P<sub>Ir+k</sub>(K). Similarly, we have to extend the shared low- level observations in groups, i.e., A<sub>sh,r</sub>=<sup>Sk6=`}_k,`∈I

r(A_k∩A_`),

forr=1,2, . . . ,m, to low-level coordinator alphabetsA_k,j⊇ A_sh,r such that P_Ir+k(K) =kj∈I_rPj+k_r+k(K), i.e., two-level conditional decomposability holds true.

It is a common assumption in both modular and co- ordination supervisory control that shared events have the same controllability status in all components, i.e.,A_i∩A_c,j⊆ A_c,i, for i,j=1,2, . . . ,n. Since A_i =Σo,i, it is clear that this assumption is equivalent to Σ_o,i∩Σ_c,j⊆Σ_c,i, for i,j= 1,2, . . . ,n. Hence, by Theorem 18, separability implies coob- servability and the condition stated therein is not restrictive.

More precisely we have the following.

Lemma 19: If Σo,i∩Σc,j⊆Σc,i, for i,j=1,2, . . . ,n, then (A_i)ⁿ_i=1 and (A_c,i)ⁿ_i=1 defined above satisfy A_i∩A_c,j⊆A_c,i, for alli,j=1,2, . . . ,n.

OnceA_k andA_kj, for j=1,2, . . . ,m, are found such that two-level conditional decomposability holds, we compute languages L_kj =L(G_kj), sup C_k

j, and sup C_i+k

j as in the previous section, cf. formula (2), where L(G_i)are replaced by P_i(kⁿ_i=1L(G_i)). Namely, for all j =1,2, . . . ,m, L_kj = kⁿ_i=1P_kj(P_i(L)), sup C_k

j=sup C(P_kj(K),L_kj,Akj,u), and for all i∈I_j, sup C_i+k

j =sup C(P_i+kj(K),P_i(L)ksup C_k

j,A_i+kj,u).

Theorem 20: LetK⊆Lbe languages, and let K be two- level conditionally decomposable with respect to (A_i)ⁿ_i=1, A_k,j, and A_k. Then k^m_j=1ki∈I_j sup C_i+k

j is a sublanguage of K controllable with respect to L and A_u, and coobservable with respect toL and(A_i+kj)_j=1,...,m,i∈I_j.

If k^m_j=1∩i∈I_jP_k^i+kj

j (sup C_i+k

j) is controllable with respect to L(G_kj) and A_kj,u, and for all j=1,2, . . . ,m, P_k^kj is an L_kj-observer and OCC for L_kj, then k^m_j=1ki∈I_jsup C_i+k

j =

sup 2cC(K,L,A_i+kj)is the largest controllable and coobserv- able language we can obtain using the two-level coordina- tion.

Note that according to the above results there are stronger sufficient conditions that are more suitable for verifica- tion, namely that for j = 1,2, . . . ,m and i ∈ I_j, either P_k^i+kj

j (sup C_i+k

j) = sup C_k

j, or P_k^i+kj

j are (P_i^i+kj)⁻¹P_i(L)-

observers and OCC for (P_i^i+kj)⁻¹P_i(L). The first condition has the advantage that if it holds, our results can be extended to the non-prefix-closed case. The second condition has the advantage that there are known algorithms to extend the local alphabets such that corresponding projections become OCC and satisfy the observer property. Finally, let us point out that without any assumption (except two-level conditional decomposability)Mmight be a too small language, because without the above additional conditions we cannot guaran- tee the optimality with respect to the coordination control (sup 2cC(K,L,A_i+kj)) and the optimality is lost twice (it is potentially lost due to over-approximation ofLbykⁿ_i=1Pi(L) unless Lis decomposable).

C. Example

Let the languages K and L be given by generators on Figs. 1 and 2, respectively. The alphabets of local agents are Σo,1={a,b,u₁,u}, Σo,2={a,b,u₂,u}, Σo,3={v,b,v₁,b₁}, Σo,4={v,b,v₂,b₂}, Σc,1=Σc,2={a,b}, Σc,3={v,v₁,b₁}, Σc,4={v,v₂,b₂},Σu={b,u,u1,u₂}, andΣc=Σ\Σu.

Note thatK is not controllable with respect toL, because e.g. v₂v₁b∈KΣ_u∩L, but v₂v₁b6∈K. On the other hand,K is coobservable with respect to L andΣ_o,i, for i=1,2,3,4.

However, N=sup C(K,L,Σ_u) is not coobservable with re- spect toLandΣ_o,i, fori=1,2,3,4, anymore. This is because bothv1v2∈Landv2v1∈L,v1v2∈N,v2∈N, whilev2v16∈N.

It is clear that at least one of the agents 3 and 4 has to observe both v₁ and v₂ in order to issue a correct control decision. This means that it is not clear how to compute a sublanguage that is at the same time controllable and coobservable. Also notice that if b were controllable, K would be controllable, but still not coobservable. We now use our two-level coordination control approach.

First, we project the plant to the alphabets of observable events, cf. Fig. 3. The inclusionL⊆ kⁿ_i=1P_i(L)is strict. We set A_i=Σo,ifori=1,2,3,4. Now we have to extendA_sh= (A_I1∩ A_I2) = (A₁∪A₂)∩(A₃∪A₄) ={b}such that forA_k⊇A_sh, and K=P_1+2+k(K)kP_3+4+k(K). It turns out that no extension of A_sh is needed, i.e., A_k={b}.

We now need to find low-level coordination alphabetsA_k1 andA_k2 such that conditions on the low-level for two-level conditionally decomposability hold true. SinceP_1+2+k(K) = P1(K)kP₂(K), there is no need to extend A_sh,1=A1∩A2= {a,u,b} and we take A_k1 =A_sh,1. Therefore, P1+2+k(K) = P1+k₁(K)kP_2+k1(K), with A_k1 ={a,u,b}. In particular, co- ordinator L_k1 is not needed. Secondly, P3+4+k(K) is not decomposable with respect to A_3+k and A_4+k. Hence, we have to extendA_kbyA_k2 to make the equationP_3+4+k(K) = P_3+k2(K)kP_4+k2(K)hold true. We chooseA_k2={v₁,b2,v,b}

and it can be checked that P_3+4+k(K) is conditionally de- composable with respect to alphabets A₃,A₄, andA_k2. The

Fig. 1. SpecificationK

Fig. 2. PlantL

corresponding coordinator for the second group is L_k2 = kⁿ_i=1P_i(L) ={ε,v,vb₂,v₁,v₁b}.

Now starts the actual computation of a sublanguage of K that is both controllable with respect to L and A_u and coobservable with respect to L and observable al- phabets A_1+k1,o, A_2+k1,o, A_3+k2,o, A_4+k2,o. Note that K is not two-level conditionally controllable, hence the con- structive procedure is needed. In fact, P_4+k2(K) given in Fig. 4 is not controllable with respect to P4(L)kP_k2(K) given in Fig. 5. Therefore, corresponding supervisor S4

for P4(L) is not simply given by P4+k₂(K), but has to be computed. Its language is given by sup C_4+k

2 =

sup C(P_4+k2(K),P4(L)ksup C_k

2,A_u,4+k2). First, we compute the supervisor sup C_k

2 for coordinatorL_k2. We have sup C_k

2=

sup C(P_k2(K),Lk₂,Au,k₂) = P_k2(K) = L_k2 computed above.

Thus, sup C_4+k

2 ={v₁,v₂,b,v₂,vb₂} is given by Fig. 5.

This supervisor simply disables v₁ after v₂ has occurred.

b

u₁ a

u b

u₂ a

u v₁

b v

b1

v₂

b v

b2

Fig. 3. ProjectionsP₁(L), . . . ,P₄(L)

v1

b v

b1

b2

b2

v1

v2

v2

v1

b v

b2

Fig. 4. P_3+k2(K)andP_4+k+k2(K)

Similarly, we have to derive the supervisor sup C_3+k

2 for P₃(L). We note thatP_3+k2(K), given in Fig. 4, is controllable with respect to P3(L)kP_k2(K). Thus, sup C_3+k

2 =P_3+k2(K).

Concerning the first group of agents, no control action is required for supervisors sup C_1+k

1 and sup C_2+k

1, because P1+2(K) =P1(L)kP₂(L). Moreover, sup C_1+k

1 =P1+k₁(K) = P₁(K) =P₁(L)and sup C_2+k

1=P_2+k1(K) =P₂(K) =P₂(L).

Since all conditions in Theorem 14 are satisfied, it holds true that sup C_1+k

1ksup C_2+k

1ksup C_3+k

2ksup C_4+k

2 =

sup 2cC(K,L,A_i+kj). In particular, it is controllable with respect toL andA_uand coobservable with respect to L and A_1+k1,o,A_2+k1,o,A_3+k2,o,A_4+k2,o. /

V. CONCLUDING REMARKS

We have extended existential results of multilevel coor- dination control to constructive results with a procedure to compute the supremal sublanguage achievable in the two- level architecture. The constructive results have been applied to decentralized supervisory control with communicating supervisors, where local supervisors communicate with each other via a coordinator of the group.

VI. ACKNOWLEDGMENTS

The authors would like to thank St´ephane Lafortune and Feng Lin for a very fruitful discussion during their visit at the University of Michigan and Wayne State University.

The research was supported by the M ˇSMT grant LH13012 (MUSIC), by RVO: 67985840, and partially by the DFG in grant KR 4381/1-1.

v1

v2

v2

v1

b v

b2

v1

v2

v2

b v

b2

Fig. 5. L₄kP_k2(K)and sup C_4+k2

REFERENCES

[1] G. Barrett and S. Lafortune, “Decentralized supervisory control with communicating controllers,”IEEE Trans. Automat. Control, vol. 45, pp. 1620–1638, 2000.

[2] C. G. Cassandras and S. Lafortune, Introduction to discrete event systems, Second edition. Springer, 2008.

[3] L. Feng, “Computationally efficient supervisor design for discrete- event systems,” Ph.D. dissertation, University of Toronto, 2007.

[Online]. Available: http://www.kth.se/polopoly fs/1.24026!thesis.zip [4] B. Gaudin and H. Marchand, “Supervisory control of product and

hierarchical discrete event systems,”Eur. J. Control, vol. 10, no. 2, pp. 131–145, 2004.

[5] J. Komenda and T. Masopust, “A bridge between decentralized and coordination control,” inProc. of Allerton Conference on Computing and Control 2013, Alerton Park, Monticello, USA, 2013, pp. 966–972.

[6] J. Komenda, T. Masopust, and J. H. van Schuppen, “On conditional decomposability,”Systems Control Lett., vol. 61, no. 12, pp. 1260–

1268, 2012.

[7] ——, “Multilevel coordination control of modular DES,” inProc. 52nd IEEE Conference on Decision and Control (CDC.2013). New York:

IEEE Press, 2013, pp. 6323–6328.

[8] ——, “Coordination control of discrete-event systems revisited,”Dis- crete Event Dyn. Syst., 2014, to appear.

[9] S. L. Ricker and K. Rudie, “Know means no: Incorporating knowledge into discrete-event control systems,”IEEE Trans. Automat. Control, vol. 45, no. 9, pp. 1656–1668, 2000.

[10] K. Rudie and J. C. Willems, “The computational complexity of decentralized discrete-event control problems,”IEEE Trans. Automat.

Control, vol. 40, no. 7, pp. 1313–1319, 1995.

[11] K. Rudie and W. M. Wonham, “Think globally, act locally: Decen- tralized supervisory control,”IEEE Trans. Automat. Control, vol. 37, no. 11, pp. 1692–1708, 1992.

[12] K. C. Wong and W. M. Wonham, “Hierarchical control of discrete- event systems,”Discrete Event Dyn. Syst., vol. 6, no. 3, pp. 241–273, 1996.

[13] T. S. Yoo and S. Lafortune, “A general architecture for decentralized supervisory control of discrete-event systems,” Discrete Event Dyn.

Syst., vol. 12, no. 3, pp. 335–377, 2002.

[14] ——, “Decentralized supervisory control with conditional decisions:

Supervisor existence,”IEEE Trans. Automat. Control, vol. 49, no. 11, pp. 1886–1904, 2004.